Tools to get started in Cyber Forensics

Enos Jeba
Sep 16, 2020


Here are some of the forensic tools you will need to get started in Cyber Forensics.

FTK Imager

FTK® Imager is a data preview and imaging tool used to acquire data (evidence) in a forensically sound manner by creating copies of data without making changes to the original evidence.

EnCase Imager

EnCase is the shared technology within a suite of digital investigations products by Guidance Software (now acquired by OpenText). EnCase is traditionally used in forensics to recover evidence from seized hard drives. EnCase allows the investigator to conduct in-depth analysis of user files to collect evidence such as documents, pictures, internet history and Windows Registry information.

ProDiscover

ProDiscover provides a rich set of features and toolkits for Computer Forensics and Incident Response. The product suite is also equipped with diagnostic and evidence collection tools for corporate policy compliance investigations and electronic discovery.

Autopsy

Autopsy is computer software that makes it simpler to deploy many of the open source programs and plugins used in The Sleuth Kit. The graphical user interface displays the results from the forensic search of the underlying volume, making it easier for investigators to flag pertinent sections of data.

Wireshark

Wireshark is the world’s leading network traffic analyzer, and an essential tool for any security professional or systems administrator. This free software lets you analyze network traffic in real time, and is often the best tool for troubleshooting issues on your network.

Sysinternals

Windows Sysinternals is a website that offers technical resources and utilities to manage, diagnose, troubleshoot, and monitor a Microsoft Windows environment. ... The software can now be found at Microsoft. The company also sold data recovery utilities and professional editions of their freeware tools.

MOBILedit

MOBILedit Forensic Express is a phone and cloud extractor, data analyzer and report generator in an all-in-one solution. A powerful 64-bit application using both physical and logical data acquisition methods, MOBILedit is excellent for its advanced application analyzer, deleted data recovery, live updates, wide range of supported phones including most feature phones, fine-tuned reports, concurrent phone processing, and easy-to-use user interface. With the password and PIN breaker you can gain access to locked ADB or iTunes backups with GPU acceleration and multi-threaded operations for maximum speed.

Browser History Examiner

Browser History Examiner (BHE) is a forensic software tool for capturing, analysing and reporting internet history from the main desktop web browsers. BHE can assist in various digital investigations such as civil & criminal digital forensics cases, security incidents, human resources investigations and general employee activity reporting.

Forensic Express

Forensic Express offers maximum functionality at a fraction of the price of other tools. It can be used as the only tool in a lab or as an enhancement to other tools through its data compatibility. When integrated with Camera Ballistics it scientifically analyzes camera photo origins.
